Back
Export
Closing Date: 11 June 2026
image failed to load
IT Auditor - Windhoek  Windhoek
image failed to load

Purpose of the position:

To conduct risk-based audits and assessments of the organisation’s information technology environment, including systems, infrastructure, and digital operations, by evaluating IT governance, internal controls, cybersecurity, and regulatory compliance to strengthen risk management and support overall governance and assurance objectives. The role provides independent assurance on IT risks, identifies control weaknesses, and recommends practical improvements, while preparing reports for Executive Management and the Audit, Investment, Risk and Compliance Committee (AIRCC), contributing to strategic and risk-based audit planning, and promoting the implementation of effective internal controls and best practices across the organization

 

Key performance areas:

1.Risk-based IT Audit Planning and Execution

  • Develop and execute IT audit plans based on risk assessments.
  • Identify control weaknesses and opportunities for process improvement.

2. Information Security and Cyber Risk Review

  • Evaluate security configuration and access controls.
  • Assess vulnerabilities management processes and cyber security measures.

3. Systems Control Evaluation

  • Review the design and effectiveness of internal controls in enterprise systems.
  • Test data-integrity and audit-trail configuration.

4. Collaboration and Stakeholder Engagement

  • Work with IT, Risk, and Operations teams to coordinate audits and reviews.

5. Develop and execute IT audit plans based on risk assessment

  • Contribute to the development of the departmental strategic plan.
  • Compile and maintain a five-year risk-based audit plan

6. Risk Assurance

  • Provide assurance on IT risks and advice on internal controls and best practices.

 

Qualification Requirements:

  • Bachelor's Degree in Information Systems, Computer Science, or Internal   Auditing (NQF Level 7)
  • Relevant Certification (e.g. CISA, CISM, CRISC, or equivalent) is an advantage

 

Experience and special knowledge requirements

  • At least five (5) years of experience in:
  • IT auditing
  • Cybersecurity assessment
  • Systems risk management

 

Skills Requirement:

  • Valid Driver’s License
  • Registered member with the Information Systems Audit and Control Association (ISACA) OR the Institute of Internal Auditors (IIA)

 

Knowledge of:

  • IT General Controls (ITGC’s)
  • Risk-based auditing
  • Relevant IT frameworks (COBIT, ISO 27001)
  • Oracle database an added advantage

 

Closing Date: 11 June 2026
Back